Security Roundup: edge security at risk following disinterest in mobile security, malware-free attack growth

The telecommunications sector has been actively targeted with cyberespionage-motivated attacks by threat actors such as China and North Korea looking to steal intelligence information. In this climate, more advanced solutions need to be deployed as traditional antivirus (AV) solutions might not properly safeguard their networks. According to CrowdStrike, China is actively concentrating efforts on supply chain compromises and going after strategic sectors such as clean energy, healthcare, biotechnology, and pharmaceuticals.

Financially motivated attacks have been on the rise, yet a major increase was also noticed in eCrime behavior which can cripple business operations and shut them down for long. The Ryuk ransomware attack generated the heftiest ransom demand worth $12.5 million.

“2019 brought an onslaught of new techniques from nation-state actors and an increasingly complex eCrime underground filled with brazen tactics and massive increases in targeted ransomware demands. As such, modern security teams must employ technologies to detect, investigate and remediate incidents faster with swift preemptive countermeasures,” said Adam Meyers, Vice President of Intelligence at CrowdStrike in a statement.

Security loses ground to speed, performance

Security is being compromised for the sake of performance, according to Verizon’s third annual Mobile Security Index 2020. Mobile security is critical in advanced technologies such as IoT and cloud, and the fast deployment of 5G connections will play its part in security.

While many IoT devices are built on mobile security and introduce more risks, 5G connections are expected to be critical in speed, security, and connectivity to support mobile growth. The attack surface is expanding, yet 5G networks deliver enhanced protection against unauthorized tracking and ID theft and provide resilience against cyberattacks.

The report found that 43% of respondents said their businesses sacrificed security, with the top reasons they did so being that 62% of businesses are more interested in saving time/increasing speed, 52% for reasons of convenience and 46% in profitability opportunities. That said, most respondents consider mobile device security a top priority due to the dependence on data kept in the cloud.

“In today’s world, mobile connectivity is more important than ever. Organizations of all sizes and in all industries rely on mobile devices to run much of the day to day operations, so mobile security is a priority,” said Bryan Sartin, executive director, global security services with Verizon in a prepared statement. “The types of devices, diverse applications and further emergence of IoT devices further complicate security. Everyone has to be deliberate and diligent about mobile security to protect themselves and their customers.”

More than half of companies believe mobile device security falls behind security implemented in other systems. Some 87% fear a mobile security breach will affect customer loyalty long term and only 13% have actually implemented security screening, data encryption, need-to-know access and have removed default passwords across the corporation.

Businesses that don’t place mobile security among top priorities are two times more prone to hacking attempts. Almost half compromise on security because they perceive it as a roadblock in being more effective as well as in driving sales and profits, which has resulted in 39% of them falling victim to a security compromise in the past year.

• A rogue or insecure Wi-Fi connection was responsible for compromise with 20% of companies that experienced a mobile compromise.
• An IoT device was the source of a compromise, according to 31% of respondents.

Some of the top threat vectors detected in 2019 are malware and man-in-the-middle (MitM) attacks. Since 2018 when the first Index came out, there has been a 41 percent increase in compromise caused by mobile devices.

Article Topics

5G  |  CrowdStrike  |  edge computing  |  IoT  |  mobile  |  ransomware  |  security  |  Verizon